$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/98bbbcef-0217-4c51-a717-7af30c63be28.roa File: 98bbbcef-0217-4c51-a717-7af30c63be28.roa (raw, json) Hash identifier: /QYzfi2Ga9miQ31xybrxp8B6zgYcB7E6QNiAawDnKqI= Subject key identifier: F0:CF:79:00:7B:E6:34:8F:8A:2D:69:D5:5F:21:F6:8D:BE:19:2D:F0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 69CAD84C619C611A1892C15446F16BB18178EC64 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/98bbbcef-0217-4c51-a717-7af30c63be28.roa Signing time: Wed 25 Jun 2025 00:00:50 +0000 ROA not before: Wed 25 Jun 2025 00:00:50 +0000 ROA not after: Wed 30 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:ca:d8:4c:61:9c:61:1a:18:92:c1:54:46:f1:6b:b1:81:78:ec:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 25 00:00:50 2025 GMT Not After : Jul 30 23:59:59 2025 GMT Subject: serialNumber=e39d324ca8a1b9dd30238ad77b82d84cdec301b929d0da141da69d96551bb9b7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:24:c4:b6:7e:00:9b:7a:03:dd:64:fe:43:29: ec:1c:41:30:2b:d4:e8:a5:05:aa:c7:67:15:22:35: d9:3d:b7:66:6b:da:0b:26:be:ca:0c:f8:64:bc:60: 69:35:eb:27:95:87:da:c1:09:3b:76:a0:bd:e5:fe: f4:c4:90:65:a7:33:3b:53:70:d8:5a:99:80:d7:f3: cf:8f:0e:cd:d3:07:c6:fa:56:df:8e:61:b0:e7:c2: d1:6b:9e:9b:eb:44:82:57:6e:fd:db:09:c5:17:60: d4:9c:06:5e:c8:a7:0b:01:60:d9:56:9d:33:61:71: d1:a9:34:b1:18:a1:6c:22:34:48:fa:20:ff:7c:a5: 87:d7:70:f8:64:4d:fe:5c:96:4f:8f:8b:e0:58:4f: 35:ea:18:de:fe:58:e4:c0:7b:5a:f5:0a:e5:e9:93: 35:91:0f:b6:09:1d:90:79:e8:66:a3:49:b9:6b:9e: e6:d8:52:e4:64:eb:75:2f:34:f7:a5:df:b4:fc:de: 87:0f:e5:cd:cd:d2:25:24:34:11:da:96:e5:8a:6b: 52:ff:54:1a:df:b9:b3:38:86:c0:4d:d7:70:68:b6: 7f:14:6f:12:d4:91:99:54:fc:fc:59:58:df:b5:97: f9:8e:c8:af:bf:dc:32:0b:73:b5:a8:b5:95:05:5c: 8c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:CF:79:00:7B:E6:34:8F:8A:2D:69:D5:5F:21:F6:8D:BE:19:2D:F0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/98bbbcef-0217-4c51-a717-7af30c63be28.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:8800::/40 Signature Algorithm: sha256WithRSAEncryption 0a:40:d1:f4:da:e2:b9:fa:bf:04:91:a2:87:72:ce:56:24:f3: 7c:ec:d0:b5:94:05:ca:ab:34:bc:15:a3:c8:c6:d0:a1:06:46: cc:b6:14:c1:00:5b:dc:50:dd:f6:6a:ca:a2:51:66:2f:d6:03: 3d:76:6b:54:d2:2e:1d:21:c2:2d:c9:0c:e9:f8:60:b6:58:87: 91:f7:b1:f9:59:a9:aa:42:d1:cb:43:69:44:17:4e:ee:84:af: d0:2f:6a:78:eb:12:68:31:06:ea:f5:23:d7:f3:70:4e:4f:3b: 5f:33:e3:4f:27:b0:5f:e7:b4:d7:b4:7e:9b:7a:de:29:d2:ad: 5a:6b:98:73:05:08:3c:64:a8:f4:d2:ec:57:01:e8:96:c4:f1: 07:31:a0:ba:c2:08:4a:5f:0b:04:b9:74:6c:ed:8a:79:ed:5e: 12:ba:6e:fa:a4:8d:c6:84:9e:28:d7:d4:bf:f9:c0:4d:4e:b3: 23:37:f6:87:0c:c2:6c:ee:15:d8:4d:d0:63:a1:64:50:c2:c8: 8c:6a:01:dd:7e:ba:5f:e5:bb:88:c6:40:b3:dc:98:03:3c:ef: 43:d3:b8:a9:5e:93:5a:01:b2:ff:ba:c2:a9:65:1e:60:15:56: 88:8d:55:29:c5:a0:09:43:a9:91:2b:45:da:33:bb:64:1f:34: d6:2a:2c:c9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUacrYTGGcYRoYksFURvFrsYF47GQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNTAwMDA1MFoX DTI1MDczMDIzNTk1OVowejFJMEcGA1UEBRNAZTM5ZDMyNGNhOGExYjlkZDMwMjM4 YWQ3N2I4MmQ4NGNkZWMzMDFiOTI5ZDBkYTE0MWRhNjlkOTY1NTFiYjliNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniTEtn4Am3oD3WT+QynsHEEwK9To pQWqx2cVIjXZPbdma9oLJr7KDPhkvGBpNesnlYfawQk7dqC95f70xJBlpzM7U3DY WpmA1/PPjw7N0wfG+lbfjmGw58LRa56b60SCV2792wnFF2DUnAZeyKcLAWDZVp0z YXHRqTSxGKFsIjRI+iD/fKWH13D4ZE3+XJZPj4vgWE816hje/ljkwHta9Qrl6ZM1 kQ+2CR2Qeehmo0m5a57m2FLkZOt1LzT3pd+0/N6HD+XNzdIlJDQR2pblimtS/1Qa 37mzOIbATddwaLZ/FG8S1JGZVPz8WVjftZf5jsivv9wyC3O1qLWVBVyMFQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPDPeQB75jSPii1p1V8h9o2+GS3wMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk4YmJiY2VmLTAyMTctNGM1MS1hNzE3LTdhZjMwYzYzYmUyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+IgwDQYJKoZIhvcNAQELBQADggEBAApA0fTa4rn6vwSRoody zlYk83zs0LWUBcqrNLwVo8jG0KEGRsy2FMEAW9xQ3fZqyqJRZi/WAz12a1TSLh0h wi3JDOn4YLZYh5H3sflZqapC0ctDaUQXTu6Er9AvanjrEmgxBur1I9fzcE5PO18z 408nsF/ntNe0fpt63inSrVprmHMFCDxkqPTS7FcB6JbE8QcxoLrCCEpfCwS5dGzt inntXhK6bvqkjcaEnijX1L/5wE1OsyM39ocMwmzuFdhN0GOhZFDCyIxqAd1+ul/l u4jGQLPcmAM870PTuKlek1oBsv+6wqllHmAVVoiNVSnFoAlDqZErRdozu2QfNNYq LMk= -----END CERTIFICATE-----Generated at Sun Jun 29 04:15:16 2025 by rpki-client